Changeset 26605 for extensions/oAuth/include
- Timestamp:
- Jan 11, 2014, 1:27:14 AM (10 years ago)
- Location:
- extensions/oAuth/include
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/oAuth/include/functions.inc.php
r26604 r26605 25 25 function oauth_assign_template_vars($u_redirect=null) 26 26 { 27 global $template, $conf, $hybridauth_conf ;27 global $template, $conf, $hybridauth_conf, $user; 28 28 29 29 $conf['oauth']['include_common_template'] = true; … … 31 31 if ($template->get_template_vars('OAUTH') == null) 32 32 { 33 if (!empty($user['oauth_id'])) 34 { 35 list($provider, $identifier) = explode('---', $user['oauth_id'], 2); 36 if ($provider == 'Persona') 37 { 38 $persona_email = $identifier; 39 } 40 } 41 33 42 $template->assign('OAUTH', array( 34 43 'conf' => $conf['oauth'], 35 44 'u_login' => get_root_url() . OAUTH_PATH . 'auth.php?provider=', 36 45 'providers' => $hybridauth_conf['providers'], 46 'persona_email' => @$persona_email, 37 47 )); 38 48 $template->assign(array( … … 70 80 } 71 81 } 82 83 // http://www.sitepoint.com/authenticate-users-with-mozilla-persona/ 84 function persona_verify() 85 { 86 $url = 'https://verifier.login.persona.org/verify'; 87 88 $assert = filter_input( 89 INPUT_POST, 90 'assertion', 91 FILTER_UNSAFE_RAW, 92 FILTER_FLAG_STRIP_LOW|FILTER_FLAG_STRIP_HIGH 93 ); 94 95 $scheme = 'http'; 96 if ( (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443 ) 97 { 98 $scheme = 'https'; 99 } 100 $audience = sprintf( 101 '%s://%s:%s', 102 $scheme, 103 $_SERVER['HTTP_HOST'], 104 $_SERVER['SERVER_PORT'] 105 ); 106 107 $params = 'assertion=' . urlencode($assert) . '&audience=' . urlencode($audience); 108 109 $options = array( 110 CURLOPT_URL => $url, 111 CURLOPT_RETURNTRANSFER => true, 112 CURLOPT_POST => true, 113 CURLOPT_POSTFIELDS => $params, 114 CURLOPT_SSL_VERIFYPEER => true, 115 CURLOPT_SSL_VERIFYHOST => 2, 116 ); 117 118 $ch = curl_init(); 119 curl_setopt_array($ch, $options); 120 $result = curl_exec($ch); 121 curl_close($ch); 122 123 if ($result === false) 124 { 125 return false; 126 } 127 else 128 { 129 return json_decode($result, true); 130 } 131 } -
extensions/oAuth/include/providers_stats.inc.php
r26555 r26605 55 55 'provider_name' => 'OpenID', 56 56 'new_app_link' => null, 57 'about_link' => 'http://openid.net/get-an-openid/what-is-openid/', 57 58 ), 58 59 'Flickr' => array( … … 60 61 'provider_name' => 'Flickr', 61 62 'new_app_link' => null, 63 'about_link' => 'http://openid.net/get-an-openid/what-is-openid/', 62 64 ), 63 65 'Steam' => array( … … 65 67 'provider_name' => 'Steam', 66 68 'new_app_link' => null, 69 'about_link' => 'http://openid.net/get-an-openid/what-is-openid/', 67 70 ), 68 71 'Wordpress' => array( … … 70 73 'provider_name' => 'Wordpress', 71 74 'new_app_link' => null, 75 'about_link' => 'http://openid.net/get-an-openid/what-is-openid/', 72 76 ), 77 'Persona' => array( 78 'label' => 'Persona', 79 'provider_name' => 'Persona', 80 'new_app_link' => null, 81 'about_link' => 'https://login.persona.org/about', 82 ), 73 83 ); -
extensions/oAuth/include/public_events.inc.php
r26604 r26605 9 9 global $template, $conf, $hybridauth_conf; 10 10 11 if ($hybridauth_conf['enabled'] >0)11 if ($hybridauth_conf['enabled'] == 0) 12 12 { 13 13 return; … … 37 37 { 38 38 list($oauth_id) = pwg_db_fetch_row($result); 39 list($provider) = explode('---', $oauth_id );39 list($provider) = explode('---', $oauth_id, 2); 40 40 $_SESSION['page_errors'][] = l10n('You registered with a %s account, please sign in with the same account.', $provider); 41 41 … … 65 65 list($provider, $user_identifier) = pwg_get_session_var('oauth_new_user'); 66 66 67 require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php');68 69 67 try { 70 $hybridauth = new Hybrid_Auth($hybridauth_conf); 71 $adapter = $hybridauth->authenticate($provider); 72 $remote_user = $adapter->getUserProfile(); 73 74 // security, check remote identifier 75 if ($remote_user->identifier != $user_identifier) 68 if ($provider == 'Persona') 76 69 { 77 pwg_unset_session_var('oauth_new_user'); 78 throw new Exception('Hacking attempt!', 403); 70 $template->assign('OAUTH_USER', array( 71 'provider' => $provider, 72 'username' => $user_identifier, 73 'u_profile' => null, 74 'avatar' => null, 75 )); 76 77 oauth_assign_template_vars(); 78 $template->append('OAUTH', array('persona_email'=>$user_identifier), true); 79 80 $conf['oauth']['include_common_template'] = true; 79 81 } 80 81 $template->assign('OAUTH_USER', array( 82 'provider' => $provider, 83 'username' => $remote_user->displayName, 84 'u_profile' => $remote_user->profileURL, 85 'avatar' => $remote_user->photoURL, 86 )); 82 else 83 { 84 require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php'); 87 85 86 $hybridauth = new Hybrid_Auth($hybridauth_conf); 87 $adapter = $hybridauth->authenticate($provider); 88 $remote_user = $adapter->getUserProfile(); 89 90 // security, check remote identifier 91 if ($remote_user->identifier != $user_identifier) 92 { 93 pwg_unset_session_var('oauth_new_user'); 94 throw new Exception('Hacking attempt!', 403); 95 } 96 97 $template->assign('OAUTH_USER', array( 98 'provider' => $provider, 99 'username' => $remote_user->displayName, 100 'u_profile' => $remote_user->profileURL, 101 'avatar' => $remote_user->photoURL, 102 )); 103 } 104 105 $oauth_id = $provider.'---'.$user_identifier; 106 88 107 $page['infos'][] = l10n('Your registration is almost done, please complete the registration form.'); 89 90 $oauth_id = $provider.'---'.$remote_user->identifier;91 108 92 109 // form submited … … 124 141 { 125 142 // overwrite fields with remote datas 126 $_POST['login'] = $remote_user->displayName; 127 $_POST['mail_address'] = $remote_user->email; 143 if ($provider == 'Persona') 144 { 145 $_POST['login'] = ''; 146 $_POST['mail_address'] = $user_identifier; 147 } 148 else 149 { 150 $_POST['login'] = $remote_user->displayName; 151 $_POST['mail_address'] = $remote_user->email; 152 } 128 153 } 129 154 … … 133 158 $template->set_prefilter('register', 'oauth_remove_password_fields_prefilter'); 134 159 } 135 catch (Exception $e) { 160 catch (Exception $e) 161 { 136 162 $page['errors'][] = l10n('An error occured, please contact the gallery owner. <i>Error code : %s</i>', $e->getCode()); 137 163 } … … 152 178 function oauth_begin_profile() 153 179 { 154 global $template, $user, $hybridauth_conf, $page; 155 156 $oauth_id = get_oauth_id($user['id']); 157 158 if (!isset($oauth_id)) 159 { 160 return; 161 } 162 163 list($provider) = explode('---', $oauth_id); 164 165 require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php'); 180 global $template, $user, $hybridauth_conf, $page, $user; 181 182 if (empty($user['oauth_id'])) 183 { 184 return; 185 } 186 187 list($provider, $user_identifier) = explode('---', $user['oauth_id'], 2); 166 188 167 189 try { 168 $hybridauth = new Hybrid_Auth($hybridauth_conf); 169 $adapter = $hybridauth->getAdapter($provider); 170 $remote_user = $adapter->getUserProfile(); 171 172 $template->assign('OAUTH_USER', array( 173 'provider' => $provider, 174 'username' => $remote_user->displayName, 175 'u_profile' => $remote_user->profileURL, 176 'avatar' => $remote_user->photoURL, 177 )); 190 if ($provider == 'Persona') 191 { 192 $template->assign('OAUTH_USER', array( 193 'provider' => $provider, 194 'username' => $user_identifier, 195 'u_profile' => null, 196 'avatar' => null, 197 )); 198 } 199 else 200 { 201 require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php'); 202 203 $hybridauth = new Hybrid_Auth($hybridauth_conf); 204 $adapter = $hybridauth->getAdapter($provider); 205 $remote_user = $adapter->getUserProfile(); 206 207 $template->assign('OAUTH_USER', array( 208 'provider' => $provider, 209 'username' => $remote_user->displayName, 210 'u_profile' => $remote_user->profileURL, 211 'avatar' => $remote_user->photoURL, 212 )); 213 } 178 214 179 215 $template->assign('OAUTH_PATH', OAUTH_PATH); … … 181 217 $template->set_prefilter('profile_content', 'oauth_remove_password_fields_prefilter'); 182 218 } 183 catch (Exception $e) { 219 catch (Exception $e) 220 { 184 221 $page['errors'][] = l10n('An error occured, please contact the gallery owner. <i>Error code : %s</i>', $e->getCode()); 185 222 } … … 201 238 } 202 239 203 list($provider) = explode('---', $oauth_id); 204 205 require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php'); 206 207 try { 208 $hybridauth = new Hybrid_Auth($hybridauth_conf); 209 $adapter = $hybridauth->getAdapter($provider); 210 $adapter->logout(); 211 } 212 catch (Exception $e) { 213 $_SESSION['page_errors'][] = l10n('An error occured, please contact the gallery owner. <i>Error code : %s</i>', $e->getCode()); 240 list($provider, $identifier) = explode('---', $oauth_id, 2); 241 242 243 if ($provider != 'Persona') 244 { 245 require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php'); 246 247 try { 248 $hybridauth = new Hybrid_Auth($hybridauth_conf); 249 $adapter = $hybridauth->getAdapter($provider); 250 $adapter->logout(); 251 } 252 catch (Exception $e) { 253 $_SESSION['page_errors'][] = l10n('An error occured, please contact the gallery owner. <i>Error code : %s</i>', $e->getCode()); 254 } 214 255 } 215 256 } … … 233 274 } 234 275 235 oauth_assign_template_vars(get_gallery_home_url()); 276 $u_redirect = !empty($_GET['redirect']) ? urldecode($_GET['redirect']) : get_gallery_home_url(); 277 oauth_assign_template_vars($u_redirect); 236 278 237 279 $template->set_prefilter('menubar', 'oauth_add_menubar_buttons_prefilter'); 238 280 } 239 281 240 function oauth_include_template() 282 283 /** 284 * load common javascript 285 */ 286 function oauth_page_header() 241 287 { 242 288 global $conf, $template; 243 289 244 290 if (isset($conf['oauth']['include_common_template'])) 245 291 {
Note: See TracChangeset
for help on using the changeset viewer.